Amazon Relational Database Service
API Reference (API Version 2014-10-31)

CreateDBInstanceReadReplica

Creates a new DB instance that acts as a Read Replica for an existing source DB instance. You can create a Read Replica for a DB instance running MySQL, MariaDB, Oracle, or PostgreSQL. For more information, see Working with Read Replicas in the Amazon RDS User Guide.

Amazon Aurora doesn't support this action. You must call the CreateDBInstance action to create a DB instance for an Aurora DB cluster.

All Read Replica DB instances are created with backups disabled. All other DB instance attributes (including DB security groups and DB parameter groups) are inherited from the source DB instance, except as specified following.

Important

Your source DB instance must have backup retention enabled.

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

AutoMinorVersionUpgrade

A value that indicates whether minor engine upgrades are applied automatically to the Read Replica during the maintenance window.

Default: Inherits from the source DB instance

Type: Boolean

Required: No

AvailabilityZone

The Availability Zone (AZ) where the Read Replica will be created.

Default: A random, system-chosen Availability Zone in the endpoint's AWS Region.

Example: us-east-1d

Type: String

Required: No

CopyTagsToSnapshot

A value that indicates whether to copy all tags from the Read Replica to snapshots of the Read Replica. By default, tags are not copied.

Type: Boolean

Required: No

DBInstanceClass

The compute and memory capacity of the Read Replica, for example, db.m4.large. Not all DB instance classes are available in all AWS Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB Instance Class in the Amazon RDS User Guide.

Default: Inherits from the source DB instance.

Type: String

Required: No

DBInstanceIdentifier

The DB instance identifier of the Read Replica. This identifier is the unique key that identifies a DB instance. This parameter is stored as a lowercase string.

Type: String

Required: Yes

DBParameterGroupName

The name of the DB parameter group to associate with this DB instance.

If you do not specify a value for DBParameterGroupName, then Amazon RDS uses the DBParameterGroup of source DB instance for a same region Read Replica, or the default DBParameterGroup for the specified DB engine for a cross region Read Replica.

Note

Currently, specifying a parameter group for this operation is only supported for Oracle DB instances.

Constraints:

  • Must be 1 to 255 letters, numbers, or hyphens.

  • First character must be a letter

  • Can't end with a hyphen or contain two consecutive hyphens

Type: String

Required: No

DBSubnetGroupName

Specifies a DB subnet group for the DB instance. The new DB instance is created in the VPC associated with the DB subnet group. If no DB subnet group is specified, then the new DB instance isn't created in a VPC.

Constraints:

  • Can only be specified if the source DB instance identifier specifies a DB instance in another AWS Region.

  • If supplied, must match the name of an existing DBSubnetGroup.

  • The specified DB subnet group must be in the same AWS Region in which the operation is running.

  • All Read Replicas in one AWS Region that are created from the same source DB instance must either:>

    • Specify DB subnet groups from the same VPC. All these Read Replicas are created in the same VPC.

    • Not specify a DB subnet group. All these Read Replicas are created outside of any VPC.

Example: mySubnetgroup

Type: String

Required: No

DeletionProtection

A value that indicates whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled. For more information, see Deleting a DB Instance.

Type: Boolean

Required: No

Domain

The Active Directory directory ID to create the DB instance in.

For Oracle DB instances, Amazon RDS can use Kerberos Authentication to authenticate users that connect to the DB instance. For more information, see Using Kerberos Authentication with Amazon RDS for Oracle in the Amazon RDS User Guide.

Type: String

Required: No

DomainIAMRoleName

Specify the name of the IAM role to be used when making API calls to the Directory Service.

Type: String

Required: No

EnableCloudwatchLogsExports.member.N

The list of logs that the new DB instance is to export to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon RDS User Guide.

Type: Array of strings

Required: No

EnableIAMDatabaseAuthentication

A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled. For information about the supported DB engines, see CreateDBInstance.

For more information about IAM database authentication, see IAM Database Authentication for MySQL and PostgreSQL in the Amazon RDS User Guide.

Type: Boolean

Required: No

EnablePerformanceInsights

A value that indicates whether to enable Performance Insights for the Read Replica.

For more information, see Using Amazon Performance Insights in the Amazon RDS User Guide.

Type: Boolean

Required: No

Iops

The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for the DB instance.

Type: Integer

Required: No

KmsKeyId

The AWS KMS key ID for an encrypted Read Replica. The KMS key ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias for the KMS encryption key.

If you create an encrypted Read Replica in the same AWS Region as the source DB instance, then you do not have to specify a value for this parameter. The Read Replica is encrypted with the same KMS key as the source DB instance.

If you create an encrypted Read Replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the AWS Region that they are created in, and you can't use encryption keys from one AWS Region in another AWS Region.

You can't create an encrypted Read Replica from an unencrypted DB instance.

Type: String

Required: No

MonitoringInterval

The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the Read Replica. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0.

If MonitoringRoleArn is specified, then you must also set MonitoringInterval to a value other than 0.

Valid Values: 0, 1, 5, 10, 15, 30, 60

Type: Integer

Required: No

MonitoringRoleArn

The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, go to To create an IAM role for Amazon RDS Enhanced Monitoring in the Amazon RDS User Guide.

If MonitoringInterval is set to a value other than 0, then you must supply a MonitoringRoleArn value.

Type: String

Required: No

MultiAZ

A value that indicates whether the Read Replica is in a Multi-AZ deployment.

You can create a Read Replica as a Multi-AZ DB instance. RDS creates a standby of your replica in another Availability Zone for failover support for the replica. Creating your Read Replica as a Multi-AZ DB instance is independent of whether the source database is a Multi-AZ DB instance.

Type: Boolean

Required: No

OptionGroupName

The option group the DB instance is associated with. If omitted, the option group associated with the source instance is used.

Type: String

Required: No

PerformanceInsightsKMSKeyId

The AWS KMS key identifier for encryption of Performance Insights data. The KMS key ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias for the KMS encryption key.

If you do not specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS uses your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS Region.

Type: String

Required: No

PerformanceInsightsRetentionPeriod

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

Type: Integer

Required: No

Port

The port number that the DB instance uses for connections.

Default: Inherits from the source DB instance

Valid Values: 1150-65535

Type: Integer

Required: No

PreSignedUrl

The URL that contains a Signature Version 4 signed request for the CreateDBInstanceReadReplica API action in the source AWS Region that contains the source DB instance.

You must specify this parameter when you create an encrypted Read Replica from another AWS Region by using the Amazon RDS API. Don't specify PreSignedUrl when you are creating an encrypted Read Replica in the same AWS Region.

The presigned URL must be a valid request for the CreateDBInstanceReadReplica API action that can be executed in the source AWS Region that contains the encrypted source DB instance. The presigned URL request must contain the following parameter values:

  • DestinationRegion - The AWS Region that the encrypted Read Replica is created in. This AWS Region is the same one where the CreateDBInstanceReadReplica action is called that contains this presigned URL.

    For example, if you create an encrypted DB instance in the us-west-1 AWS Region, from a source DB instance in the us-east-2 AWS Region, then you call the CreateDBInstanceReadReplica action in the us-east-1 AWS Region and provide a presigned URL that contains a call to the CreateDBInstanceReadReplica action in the us-west-2 AWS Region. For this example, the DestinationRegion in the presigned URL must be set to the us-east-1 AWS Region.

  • KmsKeyId - The AWS KMS key identifier for the key to use to encrypt the Read Replica in the destination AWS Region. This is the same identifier for both the CreateDBInstanceReadReplica action that is called in the destination AWS Region, and the action contained in the presigned URL.

  • SourceDBInstanceIdentifier - The DB instance identifier for the encrypted DB instance to be replicated. This identifier must be in the Amazon Resource Name (ARN) format for the source AWS Region. For example, if you are creating an encrypted Read Replica from a DB instance in the us-west-2 AWS Region, then your SourceDBInstanceIdentifier looks like the following example: arn:aws:rds:us-west-2:123456789012:instance:mysql-instance1-20161115.

To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (AWS Signature Version 4) and Signature Version 4 Signing Process.

Note

If you are using an AWS SDK tool or the AWS CLI, you can specify SourceRegion (or --source-region for the AWS CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a pre-signed URL that is a valid request for the operation that can be executed in the source AWS Region.

Type: String

Required: No

ProcessorFeatures.ProcessorFeature.N

The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.

Type: Array of ProcessorFeature objects

Required: No

PubliclyAccessible

A value that indicates whether the DB instance is publicly accessible. When the DB instance is publicly accessible, it is an Internet-facing instance with a publicly resolvable DNS name, which resolves to a public IP address. When the DB instance isn't publicly accessible, it is an internal instance with a DNS name that resolves to a private IP address. For more information, see CreateDBInstance.

Type: Boolean

Required: No

SourceDBInstanceIdentifier

The identifier of the DB instance that will act as the source for the Read Replica. Each DB instance can have up to five Read Replicas.

Constraints:

  • Must be the identifier of an existing MySQL, MariaDB, Oracle, or PostgreSQL DB instance.

  • Can specify a DB instance that is a MySQL Read Replica only if the source is running MySQL 5.6 or later.

  • For the limitations of Oracle Read Replicas, see Read Replica Limitations with Oracle in the Amazon RDS User Guide.

  • Can specify a DB instance that is a PostgreSQL DB instance only if the source is running PostgreSQL 9.3.5 or later (9.4.7 and higher for cross-region replication).

  • The specified DB instance must have automatic backups enabled, its backup retention period must be greater than 0.

  • If the source DB instance is in the same AWS Region as the Read Replica, specify a valid DB instance identifier.

  • If the source DB instance is in a different AWS Region than the Read Replica, specify a valid DB instance ARN. For more information, go to Constructing an ARN for Amazon RDS in the Amazon RDS User Guide.

Type: String

Required: Yes

StorageType

Specifies the storage type to be associated with the Read Replica.

Valid values: standard | gp2 | io1

If you specify io1, you must also include a value for the Iops parameter.

Default: io1 if the Iops parameter is specified, otherwise gp2

Type: String

Required: No

Tags.Tag.N

A list of tags. For more information, see Tagging Amazon RDS Resources in the Amazon RDS User Guide.

Type: Array of Tag objects

Required: No

UseDefaultProcessorFeatures

A value that indicates whether the DB instance class of the DB instance uses its default processor features.

Type: Boolean

Required: No

VpcSecurityGroupIds.VpcSecurityGroupId.N

A list of EC2 VPC security groups to associate with the Read Replica.

Default: The default EC2 VPC security group for the DB subnet group's VPC.

Type: Array of strings

Required: No

Response Elements

The following element is returned by the service.

DBInstance

Contains the details of an Amazon RDS DB instance.

This data type is used as a response element in the DescribeDBInstances action.

Type: DBInstance object

Errors

For information about the errors that are common to all actions, see Common Errors.

DBInstanceAlreadyExists

The user already has a DB instance with the given identifier.

HTTP Status Code: 400

DBInstanceNotFound

DBInstanceIdentifier doesn't refer to an existing DB instance.

HTTP Status Code: 404

DBParameterGroupNotFound

DBParameterGroupName doesn't refer to an existing DB parameter group.

HTTP Status Code: 404

DBSecurityGroupNotFound

DBSecurityGroupName doesn't refer to an existing DB security group.

HTTP Status Code: 404

DBSubnetGroupDoesNotCoverEnoughAZs

Subnets in the DB subnet group should cover at least two Availability Zones unless there is only one Availability Zone.

HTTP Status Code: 400

DBSubnetGroupNotAllowedFault

The DBSubnetGroup shouldn't be specified while creating read replicas that lie in the same region as the source instance.

HTTP Status Code: 400

DBSubnetGroupNotFoundFault

DBSubnetGroupName doesn't refer to an existing DB subnet group.

HTTP Status Code: 404

DomainNotFoundFault

Domain doesn't refer to an existing Active Directory domain.

HTTP Status Code: 404

InstanceQuotaExceeded

The request would result in the user exceeding the allowed number of DB instances.

HTTP Status Code: 400

InsufficientDBInstanceCapacity

The specified DB instance class isn't available in the specified Availability Zone.

HTTP Status Code: 400

InvalidDBInstanceState

The DB instance isn't in a valid state.

HTTP Status Code: 400

InvalidDBSubnetGroupFault

The DBSubnetGroup doesn't belong to the same VPC as that of an existing cross-region read replica of the same source instance.

HTTP Status Code: 400

InvalidSubnet

The requested subnet is invalid, or multiple subnets were requested that are not all in a common VPC.

HTTP Status Code: 400

InvalidVPCNetworkStateFault

The DB subnet group doesn't cover all Availability Zones after it's created because of users' change.

HTTP Status Code: 400

KMSKeyNotAccessibleFault

An error occurred accessing an AWS KMS key.

HTTP Status Code: 400

OptionGroupNotFoundFault

The specified option group could not be found.

HTTP Status Code: 404

ProvisionedIopsNotAvailableInAZFault

Provisioned IOPS not available in the specified Availability Zone.

HTTP Status Code: 400

StorageQuotaExceeded

The request would result in the user exceeding the allowed amount of storage available across all DB instances.

HTTP Status Code: 400

StorageTypeNotSupported

Storage of the StorageType specified can't be associated with the DB instance.

HTTP Status Code: 400

Example

Sample Request

https://rds.us-east-1.amazonaws.com/ ?Action=CreateDBInstanceReadReplica &DBInstanceIdentifier=mysqldb-rr &SignatureMethod=HmacSHA256 &SignatureVersion=4 &SourceDBInstanceIdentifier=mysqldb &Version=2014-09-01 &X-Amz-Algorithm=AWS4-HMAC-SHA256 &X-Amz-Credential=AKIADQKE4SARGYLE/20140425/us-east-1/rds/aws4_request &X-Amz-Date=20140425T170525Z &X-Amz-SignedHeaders=content-type;host;user-agent;x-amz-content-sha256;x-amz-date &X-Amz-Signature=a5bc7bb9648272e9967c76fc582b308d3ee37d6c4f7a4eb62c2d885ec595c373

Sample Response

<CreateDBInstanceReadReplicaResponse xmlns="http://rds.amazonaws.com/doc/2014-09-01/"> <CreateDBInstanceReadReplicaResult> <DBInstance> <BackupRetentionPeriod>0</BackupRetentionPeriod> <MultiAZ>false</MultiAZ> <DBInstanceStatus>creating</DBInstanceStatus> <VpcSecurityGroups/> <DBInstanceIdentifier>mysqldb-rr</DBInstanceIdentifier> <PreferredBackupWindow>08:14-08:44</PreferredBackupWindow> <PreferredMaintenanceWindow>fri:04:50-fri:05:20</PreferredMaintenanceWindow> <ReadReplicaDBInstanceIdentifiers/> <Engine>mysql</Engine> <PendingModifiedValues/> <LicenseModel>general-public-license</LicenseModel> <EngineVersion>5.6.13</EngineVersion> <DBParameterGroups> <DBParameterGroup> <ParameterApplyStatus>in-sync</ParameterApplyStatus> <DBParameterGroupName>default.mysql5.6</DBParameterGroupName> </DBParameterGroup> </DBParameterGroups> <ReadReplicaSourceDBInstanceIdentifier>mysqldb</ReadReplicaSourceDBInstanceIdentifier> <OptionGroupMemberships> <OptionGroupMembership> <OptionGroupName>default:mysql-5-6</OptionGroupName> <Status>pending-apply</Status> </OptionGroupMembership> </OptionGroupMemberships> <PubliclyAccessible>true</PubliclyAccessible> <DBSecurityGroups> <DBSecurityGroup> <Status>active</Status> <DBSecurityGroupName>default</DBSecurityGroupName> </DBSecurityGroup> </DBSecurityGroups> <DBName>mysqldb</DBName> <AutoMinorVersionUpgrade>true</AutoMinorVersionUpgrade> <AllocatedStorage>100</AllocatedStorage> <MasterUsername>myawsuser</MasterUsername> <DBInstanceClass>db.m1.medium</DBInstanceClass> </DBInstance> </CreateDBInstanceReadReplicaResult> <ResponseMetadata> <RequestId>ba8dedf0-bb9a-11d3-855b-576787000e19</RequestId> </ResponseMetadata> </CreateDBInstanceReadReplicaResponse>

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: